Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tbEunONHbiaY-cf_GaDQ610Ei3g.roa
File: tbEunONHbiaY-cf_GaDQ610Ei3g.roa (raw, json)
Hash identifier: DnJB/utcYSQ//pVHS5+0VlSJNCEF6BEkgxDZ3xfou00=
Subject key identifier: B5:B1:2E:9C:E3:47:6E:26:98:F9:C7:FF:19:A0:D0:EB:5D:04:8B:78
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 562F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tbEunONHbiaY-cf_GaDQ610Ei3g.roa
Signing time: Mon 13 May 2024 11:54:09 +0000
ROA not before: Mon 13 May 2024 11:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22063 (0x562f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 11:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B5B12E9CE3476E2698F9C7FF19A0D0EB5D048B78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:43:60:54:6d:f8:82:69:ff:f4:e7:1a:d2:06:
49:5e:1a:c5:c8:64:83:41:df:a8:c9:7f:db:09:32:
ef:0d:91:75:8d:fb:78:e4:d1:ca:d8:f1:5d:a8:03:
76:74:d6:6e:b6:ba:bf:85:4a:ce:2e:eb:38:39:3c:
9d:83:9f:e3:49:dd:3d:e1:4f:94:3e:6a:f9:9a:75:
8c:6c:ea:5c:f2:ee:12:02:42:8d:f9:79:7a:83:85:
e0:c3:63:a5:14:fb:73:ff:3c:9b:06:0f:33:84:56:
c3:9b:24:28:a0:db:a6:22:12:3e:e8:b9:83:36:56:
96:5b:65:1d:24:6e:1d:89:ce:05:1c:d2:fd:af:1a:
f8:37:36:41:9f:7f:a4:be:bd:57:9d:3e:b9:da:5a:
4c:5d:41:ad:b8:ce:70:ea:4b:52:c8:97:1d:df:2b:
a1:2b:1f:76:4a:35:65:49:2e:57:9b:7a:0c:54:76:
8c:b3:c1:db:e4:ca:1f:8b:ac:70:bf:22:65:15:cc:
0a:24:ad:8f:b3:c2:2d:a8:c2:fa:70:5f:2f:6a:27:
7a:75:41:3a:de:70:0a:c0:a5:b6:16:0b:f4:5f:05:
c6:0c:f6:3a:30:e4:01:cc:78:86:84:47:5f:cf:32:
7e:77:26:54:bd:12:f4:f2:f1:e5:21:a0:58:ea:70:
4a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:2E:9C:E3:47:6E:26:98:F9:C7:FF:19:A0:D0:EB:5D:04:8B:78
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tbEunONHbiaY-cf_GaDQ610Ei3g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
78:51:89:dd:c5:da:22:4a:9b:fa:6a:3b:66:80:48:8f:a7:38:
74:30:e5:5e:42:62:f3:7a:e9:17:3f:cc:b5:f4:33:4e:a7:50:
6a:2e:8a:17:12:ec:15:4f:62:f4:db:d4:06:bb:03:12:b5:e0:
a8:7d:ce:e4:ec:ce:84:dd:1b:5b:a6:40:0e:80:55:b3:f3:54:
96:f9:68:be:b5:95:49:24:3c:cd:2c:5c:fa:7a:d9:84:06:73:
5a:ab:ee:63:a2:58:26:dd:48:c9:93:a0:64:06:9f:33:24:6e:
ea:0b:9c:39:11:67:28:2a:b2:1a:dc:3a:ff:07:90:90:a7:79:
78:e6:58:2c:77:87:78:a8:b7:55:11:4e:a6:b4:bf:a1:df:58:
e4:d8:62:b5:e5:b7:5d:1e:33:05:a3:a9:11:b5:23:03:b9:48:
9c:b6:55:97:35:3b:97:c8:2d:e2:d5:03:c8:0f:a8:4e:23:9a:
3d:d9:8a:c8:5b:9c:a5:fc:8a:22:07:e4:06:e2:2d:7d:e7:8c:
66:89:20:88:e6:c7:ee:36:6e:6b:58:6b:72:e9:5b:c0:45:0c:
d8:5d:5b:d3:93:b3:9c:ec:dc:23:00:fc:21:bf:51:2e:03:38:
f7:07:75:c1:49:f8:ce:a7:57:e0:9f:3e:e3:08:2b:c3:4a:6d:
c2:76:4a:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVi8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MTU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1QjEyRTlDRTM0NzZF
MjY5OEY5QzdGRjE5QTBEMEVCNUQwNDhCNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjQ2BUbfiCaf/05xrSBkleGsXIZINB36jJf9sJMu8NkXWN+3jk
0crY8V2oA3Z01m62ur+FSs4u6zg5PJ2Dn+NJ3T3hT5Q+avmadYxs6lzy7hICQo35
eXqDheDDY6UU+3P/PJsGDzOEVsObJCig26YiEj7ouYM2VpZbZR0kbh2JzgUc0v2v
Gvg3NkGff6S+vVedPrnaWkxdQa24znDqS1LIlx3fK6ErH3ZKNWVJLlebegxUdoyz
wdvkyh+LrHC/ImUVzAokrY+zwi2owvpwXy9qJ3p1QTrecArApbYWC/RfBcYM9jow
5AHMeIaER1/PMn53JlS9EvTy8eUhoFjqcEr/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtbEunONHbiaY+cf/GaDQ610Ei3gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RiRXVuT05IYmlhWS1j
Zl9HYURRNjEwRWkzZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHhRid3F2iJKm/pqO2aASI+nOHQw5V5C
YvN66Rc/zLX0M06nUGouihcS7BVPYvTb1Aa7AxK14Kh9zuTszoTdG1umQA6AVbPz
VJb5aL61lUkkPM0sXPp62YQGc1qr7mOiWCbdSMmToGQGnzMkbuoLnDkRZygqshrc
Ov8HkJCneXjmWCx3h3iot1URTqa0v6HfWOTYYrXlt10eMwWjqRG1IwO5SJy2VZc1
O5fILeLVA8gPqE4jmj3ZishbnKX8iiIH5AbiLX3njGaJIIjmx+42bmtYa3LpW8BF
DNhdW9OTs5zs3CMA/CG/US4DOPcHdcFJ+M6nV+CfPuMIK8NKbcJ2SsQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:14:13 2025 by rpki-client